msgid "The <command>vipw</command> and <command>vigr</command> commands edits the files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, respectively. With the <option>-s</option> flag, they will edit the shadow versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/gshadow</filename>, respectively. The programs will set the appropriate locks to prevent file corruption. When looking for an editor, the programs will first try the environment variable <envar>$VISUAL</envar>, then the environment variable <envar>$EDITOR</envar>, and finally the default editor, <citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
msgid "The new value of the user's password file comment field. It is normally modified using the <citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
msgid "If the <option>-m</option> option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist."
msgid "A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the <option>-g</option> option."
msgid "If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the <option>-a</option> option, which appends the user to the current supplementary group list."
msgid "The name of the user will be changed from <replaceable>LOGIN</replaceable> to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In particular, the user's home directory name should probably be changed manually to reflect the new login name."
msgid "Lock a user's password. This puts a '!' in front of the encrypted password, effectively disabling the password. You can't use this option with <option>-p</option> or <option>-U</option>."
msgid "Note: if you wish to lock the account (not only access with a password), you should also set the <replaceable>EXPIRE_DATE</replaceable> to <replaceable>1</replaceable>."
msgid "<emphasis role=\"bold\">Note:</emphasis> This option is not recommended because the password (or encrypted password) will be visible by users listing the processes."
msgid "The password will be written in the local <filename>/etc/passwd</filename> or <filename>/etc/shadow</filename> file. This might differ from the password database configured in your PAM configuration."
msgid "This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. Values between 0 and 999 are typically reserved for system accounts."
msgid "The user's mailbox, and any files which the user owns and which are located in the user's home directory will have the file user ID changed automatically."
msgid "Unlock a user's password. This removes the '!' in front of the encrypted password. You can't use this option with <option>-p</option> or <option>-L</option>."
msgid "Note: if you wish to unlock the account (not only access with a password), you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value from <filename>/etc/default/useradd</filename>)."
msgid "The SELinux user for the user's login. The default is to leave this field the blank, which causes the system to select the default SELinux user."
msgid "You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. <command>usermod</command> checks this on Linux, but only check if the user is logged in according to utmp on other architectures."
msgstr ""
#: usermod.8.xml:349(para)
msgid "You must change the owner of any <command>crontab</command> files or <command>at</command> jobs manually."
msgid "The mail spool directory. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted. If not specified, a compile-time default is used."
msgid "The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are used by <command>useradd</command>, <command>usermod</command>, and <command>userdel</command> to create, move, or delete the user's mail spool."
msgid "If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</replaceable>, they are also used to define the <envar>MAIL</envar> environment variable."
msgid "Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in <filename>/etc/group</filename> (with the same name, same password, and same GID)."
msgid "This feature (split group) permits to limit the length of lines in the group file. This is useful to make sure that lines for NIS groups are not larger than 1024 characters."
msgid "Note: split groups may not be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless you really need it."
msgid "The <command>userdel</command> command modifies the system account files, deleting all entries that refer to the user name <emphasis remap=\"I\">LOGIN</emphasis>. The named user must exist."
msgstr ""
#: userdel.8.xml:70(para)
msgid "The options which apply to the <command>userdel</command> command are:"
msgid "This option forces the removal of the user account, even if the user is still logged in. It also forces <command>userdel</command> to remove the user's home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user. If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login.defs</filename> and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user."
msgid "Files in the user's home directory will be removed along with the home directory itself and the user's mail spool. Files located in other file systems will have to be searched for and deleted manually."
msgid "If defined, this command is run when removing a user. It should remove any at/cron/print jobs etc. owned by the user to be removed (passed as the first argument)."
msgid "\n#! /bin/sh\n\n# Check for the required argument.\nif [ $# != 1 ]; then\n\techo \"Usage: $0 username\"\n\texit 1\nfi\n\n# Remove cron jobs.\ncrontab -r -u $1\n\n# Remove at jobs.\n# Note that it will remove any jobs owned by the same UID,\n# even if it was shared by a different username.\nAT_SPOOL_DIR=/var/spool/cron/atjobs\nfind $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n\n# Remove print jobs.\nlprm $1\n\n# All done.\nexit 0\n "
msgid "Enable setting of the umask group bits to be the same as owner bits (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is the same as gid, and username is the same as the primary group name."
msgid "If set to <replaceable>yes</replaceable>, <command>userdel</command> will remove the user's group if it contains no more members, and <command>useradd</command> will create by default a group with the name of the user."
msgid "<command>userdel</command> will not allow you to remove an account if there are running processes which belong to this account. In that case, you may have to kill those processes or lock the user's password or account and remove the account later. The <option>-f</option> option can force the deletion of this account."
msgid "If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</command> will delete the group with the same name as the user. To avoid inconsistencies in the passwd and group databases, <command>userdel</command> will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise. The <option>-f</option> option can force the deletion of this group."
msgid "create a new user or update default new user information"
msgstr ""
#: useradd.8.xml:67(arg) useradd.8.xml:71(arg)
msgid "-D"
msgstr ""
#: useradd.8.xml:80(para)
msgid "When invoked without the <option>-D</option> option, the <command>useradd</command> command creates a new user account using the values specified on the command line plus the default values from the system. Depending on command line options, the <command>useradd</command> command will update system files and may also create the new user's home directory and copy initial files."
msgstr ""
#: useradd.8.xml:89(para)
msgid "By default, a group will also be created for the new user (see <option>-g</option>, <option>-N</option>, <option>-U</option>, and <option>USERGROUPS_ENAB</option>)."
msgstr ""
#: useradd.8.xml:98(para)
msgid "The options which apply to the <command>useradd</command> command are:"
msgid "The default base directory for the system if <option>-d</option><replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</replaceable> is concatenated with the account name to define the home directory. If the <option>-m</option> option is not used, <replaceable>BASE_DIR</replaceable> must exist."
msgstr ""
#: useradd.8.xml:115(para)
msgid "If this option is not specified, <command>useradd</command> will use the base directory specified by the <option>HOME</option> variable in <filename>/etc/default/useradd</filename>, or <filename>/home</filename> by default."
msgstr ""
#: useradd.8.xml:130(para)
msgid "Any text string. It is generally a short description of the login, and is currently used as the field for the user's full name."
msgstr ""
#: useradd.8.xml:143(para)
msgid "The new user will be created using <replaceable>HOME_DIR</replaceable> as the value for the user's login directory. The default is to append the <replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> and use that as the login directory name. The directory <replaceable>HOME_DIR</replaceable> does not have to exist but will not be created if it is missing."
msgid "See below, the subsection \"Changing the default values\"."
msgstr ""
#: useradd.8.xml:174(para)
msgid "If not specified, <command>useradd</command> will use the default expiry date specified by the <option>EXPIRE</option> variable in <filename>/etc/default/useradd</filename>, or an empty string (no expiry) by default."
msgstr ""
#: useradd.8.xml:188(para)
msgid "The number of days after a password expires until the account is permanently disabled. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature."
msgid "If not specified, <command>useradd</command> will use the default inactivity period specified by the <option>INACTIVE</option> variable in <filename>/etc/default/useradd</filename>, or -1 by default."
msgid "The group name or number of the user's initial login group. The group name must exist. A group number must refer to an already existing group."
msgstr ""
#: useradd.8.xml:213(para)
msgid "If not specified, the bahavior of <command>useradd</command> will depend on the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</filename>. If this variable is set to <replaceable>yes</replaceable> (or <option>-U/--user-group</option> is specified on the command line), a group will be created for the user, with the same name as her loginname. If the variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-group</option> is specified on the command line), useradd will set the primary group of the new user to the value specified by the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>, or 100 by default."
msgstr ""
#: useradd.8.xml:236(para)
msgid "A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the <option>-g</option> option. The default is for the user to belong only to the initial group."
msgid "The skeleton directory, which contains files and directories to be copied in the user's home directory, when the home directory is created by <command>useradd</command>."
msgstr ""
#: useradd.8.xml:263(para)
msgid "This option is only valid if the <option>-m</option> (or <option>--create-home</option>) option is specified."
msgstr ""
#: useradd.8.xml:267(para)
msgid "If this option is not set, the skeleton directory is defined by the <option>SKEL</option> variable in <filename>/etc/default/useradd</filename> or, by default, <filename>/etc/skel</filename>."
msgid "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: <option>-K </option><replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> can be used when creating system account to turn off password ageing, even though system account has no password at all. Multiple <option>-K</option> options can be specified, e.g.: <option>-K </option><replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable><option>-K </option><replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
msgid "Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be defined with the <option>-k</option> option) will be copied to the home directory."
msgid "Do no create the user's home directory, even if the system wide setting from <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set to <replaceable>yes</replaceable>."
msgid "Do not create a group with the same name as the user, but add the user to the group specified by the <option>-g</option> option or by the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
msgid "The default behavior (if the <option>-g</option>, <option>-N</option>, and <option>-U</option> options are not specified) is defined by the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</filename>."
msgid "The encrypted password, as returned by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to disable the password."
msgid "System users will be created with no aging information in <filename>/etc/shadow</filename>, and their numeric identifiers are choosen in the <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in <filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</option> counterparts for the creation of groups)."
msgid "Note that <command>useradd</command> will not create a home directory for such an user, regardless of the default setting in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). You have to specify the <option>-m</option> options if you want a home directory for a system account to be created."
msgid "The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell specified by the <option>SHELL</option> variable in <filename>/etc/default/useradd</filename>, or an empty string by default."
msgid "The numerical value of the user's ID. This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. The default is to use the smallest ID value greater than 999 and greater than every other user. Values between 0 and 999 are typically reserved for system accounts."
msgid "When invoked with only the <option>-D</option> option, <command>useradd</command> will display the current default values. When invoked with <option>-D</option> plus other options, <command>useradd</command> will update the default values for the specified options. Valid default-changing options are:"
msgid "The path prefix for a new user's home directory. The user's name will be affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new user's home directory name, if the <option>-d</option> option is not used when creating a new account."
msgid "The group name or ID for a new user's initial group (when the <option>-N/--no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> variable is set to <replaceable>no</replaceable> in <filename>/etc/login.defs</filename>. The named group must exist, and a numerical group ID must have an existing entry."
msgid "The system administrator is responsible for placing the default user files in the <filename>/etc/skel/</filename> directory (or any other skeleton directory specified in <filename>/etc/default/useradd</filename> or on the command line)."
msgid "Similarly, if the username already exists in an external user database such as NIS or LDAP, <command>useradd</command> will deny the user account creation request."
msgid "Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
msgid "Range of group IDs used for the creation of regular groups by <command>useradd</command>, <command>groupadd</command>, or <command>newusers</command>."
msgid "The maximum number of days a password may be used. If the password is older than this, a password change will be forced. If not specified, -1 will be assumed (which disables the restriction)."
msgid "The minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected. If not specified, -1 will be assumed (which disables the restriction)."
msgid "The number of days warning given before a password expires. A zero means warning is given only upon the day of expiration, a negative value means no warning is given. If not specified, no warning will be provided."
msgid "Range of group IDs used for the creation of system groups by <command>useradd</command>, <command>groupadd</command>, or <command>newusers</command>."
msgid "It is also used by <command>login</command> to define users' initial umask. Note that this mask can be overriden by the user's GECOS line (if <option>QUOTAS_ENAB</option> is set) or by the specification of a limit with the <emphasis>K</emphasis> identifier in <citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
msgid "The file <filename>/etc/suauth</filename> is referenced whenever the su command is called. It can change the behaviour of the su command, based upon:"
msgstr ""
#. .RS
#: suauth.5.xml:58(literallayout)
#, no-wrap
msgid "\n 1) the user su is targetting\n "
msgstr ""
#. .fi
#: suauth.5.xml:62(para)
msgid "2) the user executing the su command (or any groups he might be a member of)"
msgstr ""
#: suauth.5.xml:67(para)
msgid "The file is formatted like this, with lines starting with a # being treated as comment lines and ignored;"
msgstr ""
#: suauth.5.xml:72(literallayout)
#, no-wrap
msgid "\n to-id:from-id:ACTION\n "
msgstr ""
#: suauth.5.xml:76(para)
msgid "Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by a list of usernames delimited by \",\""
msgstr ""
#: suauth.5.xml:82(para)
msgid "from-id is formatted the same as to-id except the extra word <emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> appears one or more group names, delimited by \",\". It is not sufficient to have primary group id of the relevant group, an entry in <citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</manvolnum></citerefentry> is neccessary."
msgstr ""
#: suauth.5.xml:93(para)
msgid "Action can be one only of the following currently supported options."
msgstr ""
#: suauth.5.xml:99(emphasis)
msgid "DENY"
msgstr ""
#: suauth.5.xml:102(para)
msgid "The attempt to su is stopped before a password is even asked for."
msgstr ""
#: suauth.5.xml:109(emphasis)
msgid "NOPASS"
msgstr ""
#: suauth.5.xml:112(para)
msgid "The attempt to su is automatically successful; no password is asked for."
msgstr ""
#: suauth.5.xml:120(emphasis)
msgid "OWNPASS"
msgstr ""
#: suauth.5.xml:123(para)
msgid "For the su command to be successful, the user must enter his or her own password. They are told this."
msgstr ""
#: suauth.5.xml:131(para)
msgid "Note there are three separate fields delimited by a colon. No whitespace must surround this colon. Also note that the file is examined sequentially line by line, and the first applicable rule is used without examining the file further. This makes it possible for a system administrator to exercise as fine control as he or she wishes."
msgstr ""
#: suauth.5.xml:141(title)
msgid "EXAMPLE"
msgstr ""
#: suauth.5.xml:142(literallayout)
#, no-wrap
msgid "\n # sample /etc/suauth file\n #\n # A couple of privileged usernames may\n # su to root with their own password.\n #\n root:chris,birddog:OWNPASS\n #\n # Anyone else may not su to root unless in\n # group wheel. This is how BSD does things.\n #\n root:ALL EXCEPT GROUP wheel:DENY\n #\n # Perhaps terry and birddog are accounts\n # owned by the same person.\n # Access can be arranged between them\n # with no password.\n #\n terry:birddog:NOPASS\n birddog:terry:NOPASS\n #\n "
msgid "There could be plenty lurking. The file parser is particularly unforgiving about syntax errors, expecting no spurious whitespace (apart from beginning and end of lines), and a specific token delimiting different things."
msgid "An error parsing the file is reported using <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry> as level ERR on facility AUTH."
msgid "The <command>su</command> command is used to become another user during a login session. Invoked without a <option>username</option>, <command>su</command> defaults to becoming the superuser. The optional argument <option>-</option> may be used to provide an environment similar to what the user would expect had the user logged in directly."
msgstr ""
#: su.1.xml:87(para)
msgid "Additional arguments may be provided after the username, in which case they are supplied to the user's login shell. In particular, an argument of <option>-c</option> will cause the next argument to be treated as a command by most command interpreters. The command will be executed by the shell specified in <filename>/etc/passwd</filename> for the target user."
msgstr ""
#: su.1.xml:96(para)
msgid "You can use the <option>--</option> argument to separate <command>su</command> options from the arguments supplied to the shell."
msgstr ""
#: su.1.xml:101(para)
msgid "The user will be prompted for a password, if appropriate. Invalid passwords will produce an error message. All attempts, both valid and invalid, are logged to detect abuse of the system."
msgstr ""
#: su.1.xml:106(para)
msgid "The current environment is passed to the new shell. The value of <envar>$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the superuser. This may be changed with the <emphasis>ENV_PATH</emphasis> and <emphasis>ENV_SUPATH</emphasis> definitions in <filename>/etc/login.defs</filename>."
msgstr ""
#: su.1.xml:115(para) login.1.xml:166(para)
msgid "A subsystem login is indicated by the presence of a \"*\" as the first character of the login shell. The given home directory will be used as the root of a new file system which the user is actually logged into."
msgstr ""
#: su.1.xml:124(para)
msgid "The options which apply to the <command>su</command> command are:"
msgid "Provide an environment similar to what the user would expect had the user logged in directly."
msgstr ""
#: su.1.xml:148(para)
msgid "When <option>-</option> is used, it must be specified as the last <command>su</command> option. The other forms (<option>-l</option> and <option>--login</option>) do not have this restriction."
msgstr ""
#: su.1.xml:162(para)
msgid "The shell that will be invoked."
msgstr ""
#: su.1.xml:167(para)
msgid "The shell specified with --shell."
msgstr ""
#: su.1.xml:170(para)
msgid "If <option>--preserve-environment</option> is used, the shell specified by the <envar>$SHELL</envar> environment variable."
msgstr ""
#: su.1.xml:177(para)
msgid "The shell indicated in the <filename>/etc/passwd</filename> entry for the target user."
msgstr ""
#: su.1.xml:183(para)
msgid "<filename>/bin/sh</filename> if a shell could not be found by any above method."
msgstr ""
#: su.1.xml:163(para)
msgid "The invoked shell is chosen from (highest priority first): <placeholder-1/>"
msgstr ""
#: su.1.xml:190(para)
msgid "If the target user has a restricted shell (i.e. the shell field of this user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/etc/shell</filename>), then the <option>--shell</option> option or the <envar>$SHELL</envar> environment variable won't be taken into account, unless <command>su</command> is called by root."
msgid "If defined, either full pathname of a file containing device names (one per line) or a \":\" delimited list of device names. Root logins will be allowed only upon these devices."
msgid "List of groups to add to the user's supplementary groups set when logging in on the console (as determined by the CONSOLE setting). Default is none. <placeholder-1/> Use with caution - it is possible for users to gain permanent access to these groups, even when not logged in on the console."
msgid "If set to <replaceable>yes</replaceable>, the user will login in the root (<filename>/</filename>) directory if it is not possible to cd to her home directory."
msgstr ""
#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
msgid "If set, it will be used to define the HZ environment variable when a user login. The value must be preceded by <replaceable>HZ=</replaceable>. A common value on Linux is <replaceable>HZ=100</replaceable>."
msgid "If set, it will be used to define the PATH environment variable when a regular user login. The value can be preceded by <replaceable>PATH=</replaceable>, or a colon separated list of paths (for example <replaceable>/bin:/usr/bin</replaceable>). The default value is <replaceable>PATH=/bin:/usr/bin</replaceable>."
msgid "If set, it will be used to define the PATH environment variable when the superuser login. The value can be preceded by <replaceable>PATH=</replaceable>, or a colon separated list of paths (for example <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default value is <replaceable>PATH=/bin:/usr/bin</replaceable>."
msgid "If set, it will be used to define the TZ environment variable when a user login. The value can be the name of a timezone preceded by <replaceable>TZ=</replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the full path to the file containing the timezone specification (for example <filename>/etc/tzname</filename>)."
msgstr ""
#. TODO: it can in fact be used to set any other variable
msgid "The string used for prompting a password. The default is to use \"Password: \", or a translation of that string. If you set this variable, the prompt will no be translated."
msgid "Enable setting of ulimit, umask, and niceness from passwd gecos field."
msgstr ""
#: su.1.xml:32(term) login.defs.5.xml:32(term)
msgid "<option>SULOG_FILE</option> (string)"
msgstr ""
#: su.1.xml:34(para) login.defs.5.xml:34(para)
msgid "If defined, all su activity is logged to this file."
msgstr ""
#: su.1.xml:32(term) login.defs.5.xml:32(term)
msgid "<option>SU_NAME</option> (string)"
msgstr ""
#: su.1.xml:34(para) login.defs.5.xml:34(para)
msgid "If defined, the command name to display when running \"su -\". For example, if this is defined as \"su\" then a \"ps\" will display the command is \"-su\". If not defined, then \"ps\" would display the name of the shell actually being run, e.g. something like \"-sh\"."
msgstr ""
#: su.1.xml:33(term) login.defs.5.xml:33(term)
msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
msgstr ""
#: su.1.xml:35(para) login.defs.5.xml:35(para)
msgid "If <replaceable>yes</replaceable>, the user must be listed as a member of the first gid 0 group in <filename>/etc/group</filename> (called <replaceable>root</replaceable> on most Linux systems) to be able to <command>su</command> to uid 0 accounts. If the group doesn't exist or is empty, no one will be able to <command>su</command> to uid 0."
msgstr ""
#: su.1.xml:32(term) login.defs.5.xml:32(term)
msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
msgstr ""
#: su.1.xml:34(para) login.defs.5.xml:34(para)
msgid "Enable \"syslog\" logging of <command>su</command> activity - in addition to sulog file logging."
msgid "The <command>sg</command> command works similar to <command>newgrp</command> but accepts a command. The command will be executed with the <filename>/bin/sh</filename> shell. With most shells you may run <command>sg</command> from, you need to enclose multi-word commands in quotes. Another difference between <command>newgrp</command> and <command>sg</command> is that some shells treat <command>newgrp</command> specially, replacing themselves with a new instance of a shell that <command>newgrp</command> creates. This doesn't happen with <command>sg</command>, so upon exit from a <command>sg</command> command you are returned to your previous group ID."
msgid "Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how this string is interpreted."
msgstr ""
#: shadow.5.xml:78(para)
msgid "If the password field contains some string that is not a valid result of <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means)."
msgstr ""
#: shadow.5.xml:85(para)
msgid "This field may be empty, in which case no passwords are required to authenticate as the specified login name. However, some applications which read the <filename>/etc/shadow</filename> file may decide not to permit any access at all if the password field is empty."
msgid "A password field which starts with a exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked."
msgstr ""
#: shadow.5.xml:102(emphasis)
msgid "date of last password change"
msgstr ""
#: shadow.5.xml:105(para)
msgid "The date of the last password change, expressed as the number of days since Jan 1, 1970."
msgstr ""
#: shadow.5.xml:109(para)
msgid "The value 0 has a special meaning, which is that the user should change her pasword the next time she will log in the system."
msgstr ""
#: shadow.5.xml:114(para)
msgid "An empty field means that password aging features are disabled."
msgstr ""
#: shadow.5.xml:121(emphasis)
msgid "minimum password age"
msgstr ""
#: shadow.5.xml:123(para)
msgid "The minimum password age is the number of days the user will have to wait before she will be allowed to change her password again."
msgstr ""
#: shadow.5.xml:128(para)
msgid "An empty field and value 0 mean that there are no minimum password age."
msgstr ""
#: shadow.5.xml:135(emphasis)
msgid "maximum password age"
msgstr ""
#: shadow.5.xml:137(para)
msgid "The maximum password age is the number of days after which the user will have to change her password."
msgstr ""
#: shadow.5.xml:141(para)
msgid "After this number of days is elapsed, the password may still be valid. The user should be asked to change her password the next time she will log in."
msgstr ""
#: shadow.5.xml:146(para)
msgid "An empty field means that there are no maximum password age, no password warning period, and no password inactivity period (see below)."
msgstr ""
#: shadow.5.xml:151(para)
msgid "If the maximum password age is lower than the minimum password age, the user cannot change her password."
msgstr ""
#: shadow.5.xml:159(emphasis)
msgid "password warning period"
msgstr ""
#: shadow.5.xml:162(para)
msgid "The number of days before a password is going to expire (see the maximum password age above) during which the user should be warned."
msgstr ""
#: shadow.5.xml:167(para)
msgid "An empty field and value 0 mean that there are no password warning period."
msgstr ""
#: shadow.5.xml:175(emphasis)
msgid "password inactivity period"
msgstr ""
#: shadow.5.xml:178(para)
msgid "The number of days after a password has expired (see the maximum password age above) during which the password should still be accepted (and the user should update her password during the next login)."
msgstr ""
#: shadow.5.xml:184(para)
msgid "After expiration of the password and this expiration period is elapsed, no login is possible using the current user's password. The user should contact her administrator."
msgstr ""
#: shadow.5.xml:189(para)
msgid "An empty field means that there are no enforcement of an inactivity period."
msgstr ""
#: shadow.5.xml:197(emphasis)
msgid "account expiration date"
msgstr ""
#: shadow.5.xml:200(para)
msgid "The date of expiration of the account, expressed as the number of days since Jan 1, 1970."
msgstr ""
#: shadow.5.xml:204(para)
msgid "Note that an account expiration differs from a password expiration. In case of an acount expiration, the user shall not be allowed to login. In case of a password expiration, the user is not allowed to login using her password."
msgstr ""
#: shadow.5.xml:210(para)
msgid "An empty field means that the account will never expire."
msgstr ""
#: shadow.5.xml:213(para)
msgid "The value 0 should not be used as it is interpreted as either an account with no expiration, or as an expiration on Jan 1, 1970."
msgid "<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the shadow password file, <filename>/etc/shadow</filename>. The structure in the <emphasis remap=\"I\">#include</emphasis> file is:"
msgstr ""
#: shadow.3.xml:99(programlisting)
#, no-wrap
msgid "struct spwd {\n char\t\t*sp_namp; /* user login name */\n char\t\t*sp_pwdp; /* encrypted password */\n long int\t\tsp_lstchg; /* last password change */\n long int\t\tsp_min; /* days until change allowed. */\n long int\t\tsp_max; /* days before change required */\n long int\t\tsp_warn; /* days warning for expiration */\n long int\t\tsp_inact; /* days before account inactive */\n long int\t\tsp_expire; /* date when account expires */\n unsigned long int\tsp_flag; /* reserved for future use */\n}\n "
msgstr ""
#: shadow.3.xml:111(para)
msgid "The meanings of each field are:"
msgstr ""
#: shadow.3.xml:114(para)
msgid "sp_namp - pointer to null-terminated user name"
msgstr ""
#: shadow.3.xml:117(para)
msgid "sp_pwdp - pointer to null-terminated password"
msgstr ""
#: shadow.3.xml:120(para)
msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
msgstr ""
#: shadow.3.xml:123(para)
msgid "sp_min - days before which password may not be changed"
msgstr ""
#: shadow.3.xml:126(para)
msgid "sp_max - days after which password must be changed"
msgstr ""
#: shadow.3.xml:129(para)
msgid "sp_warn - days before password is to expire that user is warned of pending password expiration"
msgstr ""
#: shadow.3.xml:134(para)
msgid "sp_inact - days after password expires that account is considered inactive and disabled"
msgstr ""
#: shadow.3.xml:139(para)
msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
msgstr ""
#: shadow.3.xml:142(para)
msgid "sp_flag - reserved for future use"
msgstr ""
#: shadow.3.xml:150(para)
msgid "<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, <emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</emphasis> returns the next entry from the file, and <emphasis>fgetspent</emphasis> returns the next entry from the given stream, which is assumed to be a file of the proper format. <emphasis>sgetspent</emphasis> returns a pointer to a <emphasis>struct spwd</emphasis> using the provided string as input. <emphasis>getspnam</emphasis> searches from the current position in the file for an entry matching <emphasis>name</emphasis>."
msgstr ""
#: shadow.3.xml:163(para)
msgid "<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used to begin and end, respectively, access to the shadow password file."
msgstr ""
#: shadow.3.xml:169(para)
msgid "The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines should be used to insure exclusive access to the <filename>/etc/shadow</filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for the remainder of the initial 15 seconds. Should either attempt fail after a total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both locks are acquired 0 is returned."
msgstr ""
#: shadow.3.xml:184(para)
msgid "Routines return NULL if no more entries are available or if an error occurs during processing. Routines which have <emphasis>int</emphasis> as the return value return 0 for success and -1 for failure."
msgstr ""
#: shadow.3.xml:194(para)
msgid "These routines may only be used by the superuser as access to the shadow password file is restricted."
msgid "convert to and from shadow passwords and groups"
msgstr ""
#: pwconv.8.xml:71(para)
msgid "The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally existing <emphasis remap=\"I\">shadow</emphasis>."
msgstr ""
#: pwconv.8.xml:77(para)
msgid "The <command>pwunconv</command> command creates <emphasis remap=\"I\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and <emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I\">shadow</emphasis>."
msgstr ""
#: pwconv.8.xml:84(para)
msgid "The <command>grpconv</command> command creates <emphasis remap=\"I\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
msgstr ""
#: pwconv.8.xml:90(para)
msgid "The <command>grpunconv</command> command creates <emphasis remap=\"I\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and <emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I\">gshadow</emphasis>."
msgstr ""
#: pwconv.8.xml:97(para)
msgid "These four programs all operate on the normal and shadow password and group files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
msgstr ""
#: pwconv.8.xml:104(para)
msgid "Each program acquires the necessary locks before conversion. <command>pwconv</command> and <command>grpconv</command> are similar. First, entries in the shadowed file which don't exist in the main file are removed. Then, shadowed entries which don't have `x' as the password in the main file are updated. Any missing shadowed entries are added. Finally, passwords in the main file are replaced with `x'. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand."
msgstr ""
#: pwconv.8.xml:115(para)
msgid "<command>pwconv</command> will use the values of <emphasis remap=\"I\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login.defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
msgstr ""
#: pwconv.8.xml:124(para)
msgid "Likewise <command>pwunconv</command> and <command>grpunconv</command> are similar. Passwords in the main file are updated from the shadowed file. Entries which exist in the main file but not in the shadowed file are left alone. Finally, the shadowed file is removed. Some password aging information is lost by <command>pwunconv</command>. It will convert what it can."
msgstr ""
#: pwconv.8.xml:136(para)
msgid "Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways. Please run <command>pwck</command> and <command>grpck</command> to correct any such errors before converting to or from shadow passwords or groups."
msgstr ""
#: pwconv.8.xml:147(para)
msgid "The following configuration variable in <filename>/etc/login.defs</filename> changes the behavior of <command>grpconv</command> and <command>grpunconv</command>:"
msgstr ""
#: pwconv.8.xml:155(para)
msgid "The following configuration variables in <filename>/etc/login.defs</filename> change the behavior of <command>pwconv</command>:"
msgid "The <command>pwck</command> command verifies the integrity of the system authentication information. All entries in the <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename> are checked to see that the entry has the proper format and valid data in each field. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors."
msgstr ""
#: pwck.8.xml:91(para) grpck.8.xml:80(para)
msgid "Checks are made to verify that each entry has:"
msgstr ""
#: pwck.8.xml:94(para) grpck.8.xml:84(para)
msgid "the correct number of fields"
msgstr ""
#: pwck.8.xml:97(para)
msgid "a unique user name"
msgstr ""
#: pwck.8.xml:100(para)
msgid "a valid user and group identifier"
msgstr ""
#: pwck.8.xml:103(para)
msgid "a valid primary group"
msgstr ""
#: pwck.8.xml:106(para)
msgid "a valid home directory"
msgstr ""
#: pwck.8.xml:109(para)
msgid "a valid login shell"
msgstr ""
#: pwck.8.xml:113(para)
msgid "The checks for correct number of fields and unique user name are fatal. If the entry has the wrong number of fields, the user will be prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made. All other errors are warning and the user is encouraged to run the <command>usermod</command> command to correct the error."
msgstr ""
#: pwck.8.xml:124(para)
msgid "The commands which operate on the <filename>/etc/passwd</filename> file are not able to alter corrupted or duplicated entries. <command>pwck</command> should be used in those circumstances to remove the offending entry."
msgstr ""
#: pwck.8.xml:134(para)
msgid "The options which apply to the <command>pwck</command> command are:"
msgstr ""
#: pwck.8.xml:143(para)
msgid "Report errors only. The warnings which do not require any action from the user won't be displayed."
msgstr ""
#: pwck.8.xml:154(para)
msgid "Execute the <command>pwck</command> command in read-only mode."
msgstr ""
#: pwck.8.xml:164(para)
msgid "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename> by UID."
msgstr ""
#: pwck.8.xml:172(para)
msgid "By default, <command>pwck</command> operates on the files <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>. The user may select alternate files with the <emphasis remap=\"I\">passwd</emphasis> and <emphasis remap=\"I\">shadow</emphasis> parameters."
msgid "<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, user names, and permitted login times."
msgstr ""
#: porttime.5.xml:50(para)
msgid "Each entry consists of three colon separated fields. The first field is a comma separated list of tty devices, or an asterisk to indicate that all tty devices are matched by this entry. The second field is a comma separated list of user names, or an asterisk to indicated that all user names are matched by this entry. The third field is a comma separated list of permitted access times."
msgstr ""
#: porttime.5.xml:59(para)
msgid "Each access time entry consists of zero or more days of the week, abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
msgstr ""
#: porttime.5.xml:73(title)
msgid "EXAMPLES"
msgstr ""
#: porttime.5.xml:74(para)
msgid "The following entry allows access to user <emphasis remap=\"B\">jfh</emphasis> on every port during weekdays from 9am to 5pm."
msgstr ""
#: porttime.5.xml:80(para)
msgid "*:jfh:Wk0900-1700"
msgstr ""
#: porttime.5.xml:82(para)
msgid "The following entries allow access only to the users <emphasis>root</emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> at any time. This illustrates how the <filename>/etc/porttime</filename> file is an ordered list of access times. Any other user would match the second entry which does not permit access at any time."
msgid "<filename>/etc/passwd</filename> contains one line for each user account, with seven fields delimited by colons (<quote>:</quote>). These fields are:"
msgstr ""
#: passwd.5.xml:56(para)
msgid "optional encrypted password"
msgstr ""
#: passwd.5.xml:59(para)
msgid "numerical user ID"
msgstr ""
#: passwd.5.xml:62(para)
msgid "numerical group ID"
msgstr ""
#: passwd.5.xml:65(para)
msgid "user name or comment field"
msgstr ""
#: passwd.5.xml:68(para)
msgid "user home directory"
msgstr ""
#: passwd.5.xml:71(para)
msgid "optional user command interpreter"
msgstr ""
#: passwd.5.xml:75(para)
msgid "The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name. However, some applications which read the <filename>/etc/passwd</filename> file may decide not to permit <emphasis>any</emphasis> access at all if the <emphasis>password</emphasis> field is blank. If the <emphasis>password</emphasis> field is a lower-case <quote>x</quote>, then the encrypted password is actually stored in the <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there <emphasis>must</emphasis> be a corresponding line in the <filename>/etc/shadow</filename> file, or else the user account is invalid. If the <emphasis>password</emphasis> field is any other string, then it will be treated as an encrypted password, as specified by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>."
msgstr ""
#: passwd.5.xml:94(para)
msgid "The comment field is used by various system utilities, such as <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
msgstr ""
#: passwd.5.xml:100(para)
msgid "The home directory field provides the name of the initial working directory. The <command>login</command> program uses this information to set the value of the <envar>$HOME</envar> environmental variable."
msgstr ""
#: passwd.5.xml:106(para)
msgid "The command interpreter field provides the name of the user's command language interpreter, or the name of the initial program to execute. The <command>login</command> program uses this information to set the value of the <envar>$SHELL</envar> environmental variable. If this field is empty, it defaults to the value <filename>/bin/sh</filename>."
msgid "The <command>passwd</command> command changes passwords for user accounts. A normal user may only change the password for his/her own account, while the superuser may change the password for any account. <command>passwd</command> also changes the account or associated password validity period."
msgstr ""
#: passwd.1.xml:76(title)
msgid "Password Changes"
msgstr ""
#: passwd.1.xml:77(para)
msgid "The user is first prompted for his/her old password, if one is present. This password is then encrypted and compared against the stored password. The user has only one chance to enter the correct password. The superuser is permitted to bypass this step so that forgotten passwords may be changed."
msgstr ""
#: passwd.1.xml:85(para)
msgid "After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time. If not, <command>passwd</command> refuses to change the password and exits."
msgstr ""
#: passwd.1.xml:92(para)
msgid "The user is then prompted twice for a replacement password. The second entry is compared against the first and both are required to match in order for the password to be changed."
msgstr ""
#: passwd.1.xml:98(para)
msgid "Then, the password is tested for complexity. As a general guideline, passwords should consist of 6 to 8 characters including one or more characters from each of the following sets:"
msgstr ""
#: passwd.1.xml:106(para)
msgid "lower case alphabetics"
msgstr ""
#: passwd.1.xml:109(para)
msgid "digits 0 thru 9"
msgstr ""
#: passwd.1.xml:112(para)
msgid "punctuation marks"
msgstr ""
#: passwd.1.xml:116(para)
msgid "Care must be taken not to include the system default erase or kill characters. <command>passwd</command> will reject any password which is not suitably complex."
msgid "The security of a password depends upon the strength of the encryption algorithm and the size of the key space. The legacy <emphasis>UNIX</emphasis> System encryption method is based on the NBS DES algorithm. More recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). The size of the key space depends upon the randomness of the password which is selected."
msgid "Compromises in password security normally result from careless password selection or handling. For this reason, you should not select a password which appears in a dictionary or which must be written down. The password should also not be a proper name, your license number, birth date, or street address. Any of these may be used as guesses to violate system security."
msgid "Delete a user's password (make it empty). This is a quick way to disable a password for an account. It will set the named account passwordless."
msgid "This option is used to disable an account after the password has been expired for a number of days. After a user account has had an expired password for <replaceable>INACTIVE</replaceable> days, the user may no longer sign on to the account."
msgid "Indicate password change should be performed only for expired authentication tokens (passwords). The user wishes to keep their non-expired tokens as before."
msgid "Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the password)."
msgid "Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use <command>usermod --expiredate 1</command> (this set the account's expire date to Jan 2, 1970)."
msgid "Set the minimum number of days between password changes to <replaceable>MIN_DAYS</replaceable>. A value of zero for this field indicates that the user may change his/her password at any time."
msgid "Display account status information. The status information consists of 7 fields. The first field is the user's login name. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P). The third field gives the date of the last password change. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password. These ages are expressed in days."
msgid "Unlock the password of the named account. This option re-enables a password by changing the password back to its previous value (to the value before using the <option>-l</option> option), and by resetting the account expiry field."
msgid "Set the number of days of warning before a password change is required. The <replaceable>WARN_DAYS</replaceable> option is the number of days prior to the password expiring that a user will be warned that his/her password is about to expire."
msgid "Password complexity checking may vary from site to site. The user is urged to select a password as complex as he or she feels comfortable with."
msgstr ""
#: passwd.1.xml:345(para)
msgid "Users may not be able to change their password on a system if NIS is enabled and they are not logged into the NIS server."
msgid "Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration."
msgid "Indicate if passwords must be encrypted using the MD5-based algorithm. If set to <replaceable>yes</replaceable>, new passwords will be encrypted using the MD5-based algorithm compatible with the one used by recent releases of FreeBSD. It supports passwords of unlimited length and longer salt strings. Set to <replaceable>no</replaceable> if you need to copy encrypted passwords to other systems which don't understand the new algorithm. Default is <replaceable>no</replaceable>."
msgid "This variable is superceded by the <option>ENCRYPT_METHOD</option> variable or by any command line option used to configure the encryption algorithm."
msgid "Number of significant characters in the password for crypt(). <option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to <replaceable>yes</replaceable>."
msgid "When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</replaceable> or <replaceable>SHA512</replaceable>, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)."
msgid "With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to authenticate users."
msgid "The <command>nologin</command> command displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled."
msgstr ""
#: nologin.8.xml:56(para)
msgid "To disable all logins, investigate <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
msgid "The <command>newusers</command> command reads a file of user name and clear-text password pairs and uses this information to update a group of existing users or to create new users. Each line is in the same format as the standard password file (see <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the exceptions explained below:"
msgid "It can be the name of a new user or the name of an existing user (or an user created before by <command>newusers</command>). In case of an existing user, the user's information will be changed, otherwise a new user will be created."
msgid "If this field contains the name of an existing user (or the name of an user created before by <command>newusers</command>), the UID of the specified user will be used."
msgid "If this field contains the name of an existing group (or a group created before by <command>newusers</command>), the GID of this group will be used as the primary group ID for the user."
msgid "If this field is a number, this number will be used as the primary group ID of the user. If no groups exist with this GID, a new group will be created with this GID, and the name of the user."
msgid "If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by <command>newusers</command> to be used as the primary group ID for the user and as the GID for the new group."
msgid "If this field contains the name of a group which does not exist (and was not created earlier wbefore by <command>newusers</command>), a new group will be created with the specified name and a GID will be automatically defined by <command>newusers</command> to be used as the primary group ID for the user and Gs the ID for the new group."
msgid "If this field does not specify an existing directory, the specified directory is created, with ownership set to the user being created or updated and its primary group."
msgid "If the home directory of an existing user is changed, <command>newusers</command> does not move or copy the content of the old directory to the new location. This should be done manually."
msgid "<command>newusers</command> first tries to create or change all the specified users, and then write these changes to the user or group databases. If an error occurs (except in the final writes to the databases), no changes are committed to the databases."
msgid "During this first pass, users are created with a locked password (and passwords are not changed for the users which are not created). A second pass is used to update the passwords using PAM. Failures to update a password are reported, but will not stop the other password updates."
msgid "System users will be created with no aging information in <filename>/etc/shadow</filename>, and their numeric identifiers are choosen in the <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in <filename>login.defs</filename>, instead of <option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</option> counterparts for the creation of groups)."
msgid "By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
msgid "The <command>newgrp</command> command is used to change the current group ID during a login session. If the optional <option>-</option> flag is given, the user's environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged."
msgstr ""
#: newgrp.1.xml:64(para)
msgid "<command>newgrp</command> changes the current real group ID to the named group, or to the default group listed in <filename>/etc/passwd</filename> if no group name is given. <command>newgrp</command> also tries to add the group to the user groupset. If not root, the user will be prompted for a password if she does not have a password (in <filename>/etc/shadow</filename> if this user has an entry in the shadowed password file, or in <filename>/etc/passwd</filename> otherwise) and the group does, or if the user is not listed as a member and the group has a password. The user will be denied access if the group password is empty and the user is not listed as a member."
msgstr ""
#: newgrp.1.xml:78(para)
msgid "If there is an entry for this group in <filename>/etc/gshadow</filename>, then the list of members and the password of this group will be taken from this file, otherwise, the entry in <filename>/etc/group</filename> is considered."
msgid "<command>logoutd</command> enforces the login time and port restrictions specified in <filename>/etc/porttime</filename>. <command>logoutd</command> should be started from <filename>/etc/rc</filename>. The <filename>/var/run/utmp</filename> file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time. Any login session which is violating the restrictions in <filename>/etc/porttime</filename> is terminated."
msgid "The <filename>/etc/login.defs</filename> file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation."
msgstr ""
#: login.defs.5.xml:115(para)
msgid "This file is a readable text file, each line of the file describing one configuration parameter. The lines consist of a configuration name and value, separated by whitespace. Blank lines and comment lines are ignored. Comments are introduced with a \"#\" pound sign and the pound sign must be the first non-white character of the line."
msgstr ""
#: login.defs.5.xml:123(para)
msgid "Parameter values may be of four types: strings, booleans, numbers, and long numbers. A string is comprised of any printable characters. A boolean should be either the value <replaceable>yes</replaceable> or <replaceable>no</replaceable>. An undefined boolean parameter or one with a value other than these will be given a <replaceable>no</replaceable> value. Numbers (both regular and long) may be either decimal values, octal values (precede the value with <replaceable>0</replaceable>) or hexadecimal values (precede the value with <replaceable>0x</replaceable>). The maximum value of the regular and long numeric parameters is machine-dependent."
msgstr ""
#: login.defs.5.xml:138(para)
msgid "The following configuration items are provided:"
msgstr ""
#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
msgid "<option>CHFN_AUTH</option> (boolean)"
msgstr ""
#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
msgid "If <replaceable>yes</replaceable>, the <command>chfn</command> program will require authentication before making any changes, unless run by the superuser."
msgstr ""
#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
msgid "<option>CHFN_RESTRICT</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
msgid "This parameter specifies which values in the <emphasis remap=\"I\">gecos</emphasis> field of the <filename>/etc/passwd</filename> file may be changed by regular users using the <command>chfn</command> program. It can be any combination of letters <replaceable>f</replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, for Full name, Room number, Work phone, and Home phone, respectively. For backward compatibility, <replaceable>yes</replaceable> is equivalent to <replaceable>rwh</replaceable> and <replaceable>no</replaceable> is equivalent to <replaceable>frwh</replaceable>. If not specified, only the superuser can make any changes. The most restrictive setting is better achieved by not installing <command>chfn</command> SUID."
msgstr ""
#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
msgid "<option>CHSH_AUTH</option> (boolean)"
msgstr ""
#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
msgid "If <replaceable>yes</replaceable>, the <command>chsh</command> program will require authentication before making any changes, unless run by the superuser."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>ERASECHAR</option> (number)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Terminal ERASE character (<replaceable>010</replaceable> = backspace, <replaceable>0177</replaceable> = DEL)."
msgid "The value can be prefixed \"0\" for an octal value, or \"0x\" for an hexadecimal value."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>FAIL_DELAY</option> (number)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Delay in seconds before being allowed another attempt after a login failure."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>FAILLOG_ENAB</option> (boolean)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Enable logging and display of <filename>/var/log/faillog</filename> login failure info."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>FAKE_SHELL</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If set, <command>login</command> will execute this shell instead of the users' shell specified in <filename>/etc/passwd</filename>."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>FTMP_FILE</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If defined, login failures will be logged in this file in a utmp format."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>HUSHLOGIN_FILE</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If defined, this file can inhibit all the usual chatter during the login sequence. If a full pathname is specified, then hushed mode will be enabled if the user's name or shell are found in the file. If not a full pathname, then hushed mode will be enabled if the file exists in the user's home directory."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>ISSUE_FILE</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If defined, this file will be displayed before each login prompt."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>KILLCHAR</option> (number)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>LASTLOG_ENAB</option> (boolean)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Enable logging and display of /var/log/lastlog login time info."
msgid "Enable display of unknown usernames when login failures are recorded."
msgstr ""
#: login.defs.5.xml:38(para) login.1.xml:38(para)
msgid "Note: logging unknown usernames may be a security issue if an user enter her password instead of her login name."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>LOGIN_RETRIES</option> (number)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Maximum number of login retries in case of bad password."
msgstr ""
#: login.defs.5.xml:37(para) login.1.xml:37(para)
msgid "This will most likely be overriden by PAM, since the default pam_unix module has it's own built in of 3 retries. However, this is a safe fallback in case you are using an authentication module that does not enforce PAM_MAXTRIES."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>LOGIN_TIMEOUT</option> (number)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Max time in seconds for login."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>MOTD_FILE</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If defined, \":\" delimited list of \"message of the day\" files to be displayed upon login."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>NOLOGINS_FILE</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If defined, name of file whose presence will inhibit non-root logins. The contents of this file should be a message indicating why logins are inhibited."
msgstr ""
#: login.defs.5.xml:181(para)
msgid "<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and <option>PASS_WARN_AGE</option> are only used at the time of account creation. Any changes to these settings won't affect existing accounts."
msgid "Enable checking of time restrictions specified in /etc/porttime."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>TTYGROUP</option> (string)"
msgstr ""
#: login.defs.5.xml:33(term) login.1.xml:33(term)
msgid "<option>TTYPERM</option> (string)"
msgstr ""
#: login.defs.5.xml:35(para) login.1.xml:35(para)
msgid "The terminal permissions: the login tty will be owned by the <option>TTYGROUP</option> group, and the permissions will be set to <option>TTYPERM</option>."
msgstr ""
#: login.defs.5.xml:40(para) login.1.xml:40(para)
msgid "By default, the ownership of the terminal is set to the user's primary group and the permissions are set to <replaceable>0600</replaceable>."
msgstr ""
#: login.defs.5.xml:45(para) login.1.xml:45(para)
msgid "<option>TTYGROUP</option> can be either the name of a group or a numeric group identifier."
msgstr ""
#: login.defs.5.xml:49(para) login.1.xml:49(para)
msgid "If you have a <command>write</command> program which is \"setgid\" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>TTYTYPE_FILE</option> (string)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "If defined, file which maps tty line to TERM environment parameter. Each line of the file is in a format something like \"vt100 tty01\"."
msgstr ""
#: login.defs.5.xml:32(term) login.1.xml:32(term)
msgid "<option>ULIMIT</option> (number)"
msgstr ""
#: login.defs.5.xml:34(para) login.1.xml:34(para)
msgid "Default <command>ulimit</command> value."
msgstr ""
#: login.defs.5.xml:209(title)
msgid "CROSS REFERENCES"
msgstr ""
#: login.defs.5.xml:210(para)
msgid "The following cross references show which programs in the shadow password suite use which parameters."
msgid "Much of the functionality that used to be provided by the shadow password suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is no longer used by <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, and <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the corresponding PAM configuration files instead."
msgid "The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused."
msgstr ""
#: login.access.5.xml:52(para)
msgid "When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is scanned for the first entry that matches the (user, host) combination, or, in case of non-networked logins, the first entry that matches the (user, tty) combination. The permissions field of that table entry determines whether the login will be accepted or refused."
msgstr ""
#: login.access.5.xml:60(para)
msgid "Each line of the login access control table has three fields separated by a \":\" character:"
msgid "The first field should be a \"<emphasis>+</emphasis>\" (access granted) or \"<emphasis>-</emphasis>\" (access denied) character. The second field should be a list of one or more login names, group names, or <emphasis>ALL</emphasis> (always matches). The third field should be a list of one or more tty names (for non-networked logins), host names, domain names (begin with \"<literal>.</literal>\"), host addresses, internet network numbers (end with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or <emphasis>LOCAL</emphasis> (matches any string that does not contain a \"<literal>.</literal>\" character). If you run NIS you can use @netgroupname in host or user patterns."
msgstr ""
#: login.access.5.xml:83(para)
msgid "The <emphasis>EXCEPT</emphasis> operator makes it possible to write very compact rules."
msgstr ""
#: login.access.5.xml:88(para)
msgid "The group file is searched only when a name does not match that of the logged-in user. Only groups are matched in which users are explicitly listed: the program does not look at a user's primary group id value."
msgid "The <command>login</command> program is used to establish a new session with the system. It is normally invoked automatically by responding to the <emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. <command>login</command> may be special to the shell and may not be invoked as a sub-process. When called from a shell, <command>login</command> should be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller). Attempting to execute <command>login</command> from any shell but the login shell will produce an error message."
msgstr ""
#: login.1.xml:118(para)
msgid "The user is then prompted for a password, where appropriate. Echoing is disabled to prevent revealing the password. Only a small number of password failures are permitted before <command>login</command> exits and the communications link is severed."
msgstr ""
#: login.1.xml:125(para)
msgid "If password aging has been enabled for your account, you may be prompted for a new password before proceeding. You will be forced to provide your old password and the new password before continuing. Please refer to <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry> for more information."
msgstr ""
#: login.1.xml:134(para)
msgid "After a successful login, you will be informed of any system messages and the presence of mail. You may turn off the printing of the system message file, <filename>/etc/motd</filename>, by creating a zero-length file <filename>.hushlogin</filename> in your login directory. The mail message will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to the condition of your mailbox."
msgstr ""
#: login.1.xml:145(para)
msgid "Your user and group ID will be set according to their values in the <filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and <envar>$MAIL</envar> are set according to the appropriate fields in the password entry. Ulimit, umask and nice values may also be set according to entries in the GECOS field."
msgstr ""
#: login.1.xml:154(para)
msgid "On some installations, the environmental variable <envar>$TERM</envar> will be initialized to the terminal type on your tty line, as specified in <filename>/etc/ttytype</filename>."
msgstr ""
#: login.1.xml:160(para)
msgid "An initialization script for your command interpreter may also be executed. Please see the appropriate manual section for more information on this function."
msgstr ""
#: login.1.xml:172(para) login.1.xml:248(para)
msgid "The <command>login</command> program is NOT responsible for removing users from the utmp file. It is the responsibility of <citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent ownership of a terminal session. If you use <command>login</command> from the shell prompt without <command>exec</command>, the user you use will continue to appear to be logged in even after you log out of the \"subsession\"."
msgstr ""
#: login.1.xml:195(para)
msgid "Do not perform authentication, user is preauthenticated."
msgstr ""
#: login.1.xml:198(para)
msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
msgstr ""
#: login.1.xml:206(option)
msgid "-h"
msgstr ""
#: login.1.xml:209(para)
msgid "Name of the remote host for this login."
msgstr ""
#: login.1.xml:217(para)
msgid "Preserve environment."
msgstr ""
#: login.1.xml:225(para)
msgid "Perform autologin protocol for rlogin."
msgstr ""
#: login.1.xml:230(para)
msgid "The <option>-r</option>, <option>-h</option> and <option>-f</option> options are only used when <command>login</command> is invoked by root."
msgstr ""
#: login.1.xml:239(para)
msgid "This version of <command>login</command> has many compilation options, only some of which may be in use at any particular site."
msgstr ""
#: login.1.xml:244(para)
msgid "The location of files is subject to differences in system configuration."
msgstr ""
#: login.1.xml:260(para)
msgid "As with any program, <command>login</command>'s appearance can be faked. If non-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack."
msgid "The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</filename> by default or LIMITS_FILE defined <filename>config.h</filename>) describes the resource limits you wish to impose. It should be owned by root and readable by root account only."
msgstr ""
#: limits.5.xml:55(para)
msgid "By default no quota is imposed on 'root'. In fact, there is no way to impose limits via this procedure to root-equiv accounts (accounts with UID 0)."
msgstr ""
#: limits.5.xml:61(para)
msgid "Each line describes a limit for a user in the form:"
msgstr ""
#: limits.5.xml:64(emphasis)
msgid "user LIMITS_STRING"
msgstr ""
#: limits.5.xml:67(para)
msgid "The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of resource limits. Each limit consists of a letter identifier followed by a numerical limit."
msgstr ""
#: limits.5.xml:73(para)
msgid "The valid identifiers are:"
msgstr ""
#: limits.5.xml:76(para)
msgid "A: max address space (KB)"
msgstr ""
#: limits.5.xml:77(para)
msgid "C: max core file size (KB)"
msgstr ""
#: limits.5.xml:78(para)
msgid "D: max data size (KB)"
msgstr ""
#: limits.5.xml:79(para)
msgid "F: maximum filesize (KB)"
msgstr ""
#: limits.5.xml:80(para)
msgid "M: max locked-in-memory address space (KB)"
msgstr ""
#: limits.5.xml:81(para)
msgid "N: max number of open files"
msgstr ""
#: limits.5.xml:82(para)
msgid "R: max resident set size (KB)"
msgstr ""
#: limits.5.xml:83(para)
msgid "S: max stack size (KB)"
msgstr ""
#: limits.5.xml:84(para)
msgid "T: max CPU time (MIN)"
msgstr ""
#: limits.5.xml:85(para)
msgid "U: max number of processes"
msgstr ""
#: limits.5.xml:86(para)
msgid "K: file creation mask, set by <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
msgstr ""
#: limits.5.xml:91(para)
msgid "L: max number of logins for this user"
msgstr ""
#: limits.5.xml:92(para)
msgid "P: process priority, set by <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
msgstr ""
#: limits.5.xml:97(para)
msgid "I: max nice value (0..39 which translates to 20..-19)"
msgstr ""
#: limits.5.xml:99(para)
msgid "O: max real time priority"
msgstr ""
#: limits.5.xml:102(para)
msgid "For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid <emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following entries are equivalent:"
msgid "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of the line is considered a limit string, thus comments are not allowed. A invalid limits string will be rejected (not considered) by the <command>login</command> program."
msgstr ""
#: limits.5.xml:120(para)
msgid "The default entry is denoted by username \"<emphasis>*</emphasis>\". If you have multiple <emphasis remap=\"I\">default</emphasis> entries in your <emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the default entry."
msgstr ""
#: limits.5.xml:127(para)
msgid "To completely disable limits for a user, a single dash \"<emphasis>-</emphasis>\" will do."
msgstr ""
#: limits.5.xml:132(para)
msgid "Also, please note that all limit settings are set PER LOGIN. They are not global, nor are they permanent. Perhaps global limits will come, but for now this will have to do ;)"
msgid "reports the most recent login of all users or of a given user"
msgstr ""
#: lastlog.8.xml:55(para)
msgid "<command>lastlog</command> formats and prints the contents of the last login log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</emphasis> will be printed. The default (no flags) causes lastlog entries to be printed, sorted by their order in <filename>/etc/passwd</filename>."
msgstr ""
#: lastlog.8.xml:67(para)
msgid "The options which apply to the <command>lastlog</command> command are:"
msgid "The users can be specified by a login name, a numerical user ID, or a <replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</replaceable> of users can be specified with a min and max values (<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
msgstr ""
#: lastlog.8.xml:122(para)
msgid "If the user has never logged in the message <emphasis>** Never logged in**</emphasis> will be displayed instead of the port and time."
msgstr ""
#: lastlog.8.xml:127(para)
msgid "Only the entries for the current users of the system will be displayed. Other entries may exist for users that were deleted previously."
msgid "The <filename>lastlog</filename> file is a database which contains info on the last login of each user. You should not rotate it. It is a sparse file, so its size on the disk is usually much smaller than the one shown by \"<command>ls -l</command>\" (which can indicate a really big file if you have in <filename>passwd</filename> users with a high UID). You can display its real size with \"<command>ls -s</command>\"."
msgstr ""
#: lastlog.8.xml:150(filename)
msgid "/var/log/lastlog"
msgstr ""
#: lastlog.8.xml:152(para)
msgid "Database times of previous user logins."
msgstr ""
#: lastlog.8.xml:160(para)
msgid "Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i.e. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171-799)."
msgid "It must be a valid group name, which exist on the system."
msgstr ""
#: gshadow.5.xml:75(para)
msgid "If the password field contains some string that is not a valid result of <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)."
msgstr ""
#: gshadow.5.xml:82(para)
msgid "The password is used when an user who is not a member of the group wants to gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
msgstr ""
#: gshadow.5.xml:88(para)
msgid "This field may be empty, in which case only the group members can gain the group permissions."
msgstr ""
#: gshadow.5.xml:98(para)
msgid "This password supersedes any password specified in <filename>/etc/group</filename>."
msgid "The <command>grpck</command> command verifies the integrity of the system authentication information. All entries in <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase> are checked to see that the entry has the proper format and valid data in each field. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors."
msgstr ""
#: grpck.8.xml:87(para)
msgid "a unique group name"
msgstr ""
#: grpck.8.xml:90(para)
msgid "a valid list of members and administrators"
msgstr ""
#: grpck.8.xml:94(para)
msgid "The checks for correct number of fields and unique group name are fatal. If the entry has the wrong number of fields, the user will be prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made. All other errors are warnings and the user is encouraged to run the <command>groupmod</command> command to correct the error."
msgstr ""
#: grpck.8.xml:105(para)
msgid "The commands which operate on the <filename>/etc/group</filename> file are not able to alter corrupted or duplicated entries. <command>grpck</command> should be used in those circumstances to remove the offending entry."
msgstr ""
#: grpck.8.xml:115(para)
msgid "The options which apply to the <command>grpck</command> command are:"
msgstr ""
#: grpck.8.xml:122(para)
msgid "Execute the <command>grpck</command> command in read-only mode. This causes all questions regarding changes to be answered <emphasis>no</emphasis> without user intervention."
msgstr ""
#: grpck.8.xml:132(para)
msgid "Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase> by GID."
msgstr ""
#: grpck.8.xml:141(para)
msgid "By default, <command>grpck</command> operates on <filename>/etc/group</filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</filename></phrase>. The user may select alternate files with the <emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</emphasis> parameters.</phrase>"
msgid "The <command>groups</command> command displays the current group names or ID values. If the value does not have a corresponding entry in <filename>/etc/group</filename>, the value will be displayed as the numerical group value. The optional <emphasis remap=\"I\">user</emphasis> parameter will display the groups for the named <emphasis remap=\"I\">user</emphasis>."
msgstr ""
#: groups.1.xml:66(para)
msgid "Systems which do not support concurrent group sets will have the information from <filename>/etc/group</filename> reported. The user must use <command>newgrp</command> or <command>sg</command> to change their current real and effective group ID."
msgid "The <command>groupmod</command> command modifies the definition of the specified <replaceable>GROUP</replaceable> by modifying the appropriate entry in the group database."
msgstr ""
#: groupmod.8.xml:68(para)
msgid "The options which apply to the <command>groupmod</command> command are:"
msgid "The value of <replaceable>GID</replaceable> must be a non-negative decimal integer. This value must be unique, unless the <option>-o</option> option is used. Values between 0 and 999 are typically reserved for system groups."
msgstr ""
#: groupmod.8.xml:89(para)
msgid "Any files that have the old group ID and must continue to belong to <replaceable>GROUP</replaceable>, must have their group ID changed manually."
msgid "The <command>groupmems</command> command allows a user to administer his/her own group membership list without the requirement of superuser privileges. The <command>groupmems</command> utility is for systems that configure its users to be in their own name sake primary group (i.e., guest / guest)."
msgstr ""
#: groupmems.8.xml:69(para)
msgid "Only the superuser, as administrator, can use <command>groupmems</command> to alter the memberships of other groups."
msgstr ""
#: groupmems.8.xml:76(para)
msgid "The options which apply to the <command>groupmems</command> command are:"
msgid "If the <filename>/etc/gshadow</filename> file exist, and the group has no entry in the <filename>/etc/gshadow</filename> file, a new entry will be created."
msgid "Purge all users from the group membership list."
msgstr ""
#: groupmems.8.xml:137(title)
msgid "SETUP"
msgstr ""
#: groupmems.8.xml:138(para)
msgid "The <command>groupmems</command> executable should be in mode <literal>2770</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list."
msgstr ""
#: groupmems.8.xml:147(programlisting)
#, no-wrap
msgid "\n\t$ groupadd -r groups\n\t$ chmod 2770 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n "
msgid "The <command>groupdel</command> command modifies the system account files, deleting all entries that refer to <emphasis remap=\"I\">group</emphasis>. The named group must exist."
msgid "The <command>groupadd</command> command creates a new group account using the values specified on the command line plus the default values from the system. The new group will be entered into the system files as needed."
msgid "This option causes the command to simply exit with success status if the specified group already exists. When used with <option>-g</option>, and the specified GID already exists, another (unique) GID is chosen (i.e. <option>-g</option> is turned off)."
msgid "The numerical value of the group's ID. This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. The default is to use the smallest ID value greater than 999 and greater than every other group. Values between 0 and 999 are typically reserved for system accounts."
msgid "The numeric identifiers of new system groups are choosen in the <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in <filename>login.defs</filename>, instead of <option>GID_MIN</option>-<option>GID_MAX</option>."
msgid "Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
msgid "If the groupname already exists in an external group database such as NIS or LDAP, <command>groupadd</command> will deny the group creation request."
msgid "administer the <placeholder-1/><placeholder-2/><placeholder-3/>"
msgstr ""
#: gpasswd.1.xml:60(replaceable)
msgid "option"
msgstr ""
#: gpasswd.1.xml:70(para)
msgid "The <command>gpasswd</command> command is used to administer <filename>/etc/group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</filename></phrase>. Every group can have <phrase condition=\"gshadow\">administrators,</phrase> members and a password."
msgid "System administrators can use the <option>-A</option> option to define group administrator(s) and the <option>-M</option> option to define members and has all rights of group administrators and members."
msgid "<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group administrator</phrase><phrase condition=\"no_gshadow\">a system administrator</phrase> with a group name only prompts for the new password of the <replaceable>group</replaceable>."
msgid "If a password is set the members can still use <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry> without a password, and non-members must supply the password."
msgid "Group passwords are an inherent security problem since more than one person is permitted to know the password. However, groups are a useful tool for permitting co-operation between different users."
msgstr ""
#: gpasswd.1.xml:110(para)
msgid "Except for the <option>-A</option> and <option>-M</option> options, the options cannot be combined."
msgstr ""
#: gpasswd.1.xml:114(para)
msgid "The options cannot be combined."
msgstr ""
#: gpasswd.1.xml:117(para)
msgid "The options which apply to the <command>gpasswd</command> command are:"
msgid "Remove the password from the named <replaceable>group</replaceable>. Only group members will be allowed to use <command>newgrp</command> to join the named <replaceable>group</replaceable>."
msgid "Restrict the access to the named <replaceable>group</replaceable>. Only group members will be allowed to use <command>newgrp</command> to join the named <replaceable>group</replaceable>."
msgid "This tool only operates on the <filename>/etc/group</filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot change any NIS or LDAP group. This must be performed on the corresponding server."
msgid "<command>faillog</command> displays the contents of the failure log database (<filename>/var/log/faillog</filename>). It can also set the failure counters and limits. When <command>faillog</command> is run without arguments, it only displays the faillog records of the users who had a login failure."
msgid "Display faillog record or maintains failure counters and limits (if used with <option>-l</option>, <option>-m</option> or <option>-r</option> options) only for the specified user(s)."
msgid "When none of the <option>-l</option>, <option>-m</option>, or <option>-r</option> options are used, <command>faillog</command> displays the faillog record of the specified user(s)."
msgid "NOTE: in display mode, only the records of users which currently exist in the system are displayed. In the other modes (when the <option>-l</option>, <option>-m</option>, or <option>-r</option> options are used), the records of the user, or the range of users, or all the users that may have an entry in the faillog database will be changed. This is useful to reset records of users that have been deleted or set a policy in advance for a range of users."
msgid "<command>faillog</command> only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the <option>-u</option> flag, or print out all users with the <option>-a</option> flag."
msgid "<filename>/var/log/faillog</filename> maintains a count of login failures and the limits for each account."
msgstr ""
#: faillog.5.xml:49(para)
msgid "The file contains fixed length records, indexed by numerical UID. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on whiche the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure."
msgid "check and enforce password expiration policy"
msgstr ""
#: expiry.1.xml:60(para)
msgid "The <command>expiry</command> command checks (<option>-c</option>) the current password expiration and forces (<option>-f</option>) changes when required. It is callable as a normal user command."
msgid "The <command>chsh</command> command changes the user login shell. This determines the name of the user's initial login command. A normal user may only change the login shell for her own account, the superuser may change the login shell for any account."
msgstr ""
#: chsh.1.xml:74(para)
msgid "The options which apply to the <command>chsh</command> command are:"
msgstr ""
#: chsh.1.xml:96(para)
msgid "If the <option>-s</option> option is not selected, <command>chsh</command> operates in an interactive fashion, prompting the user with the current login shell. Enter the new value to change the shell, or leave the line blank to use the current one. The current shell is displayed between a pair of <emphasis>[ ]</emphasis> marks."
msgstr ""
#: chsh.1.xml:107(para)
msgid "The only restriction placed on the login shell is that the command name must be listed in <filename>/etc/shells</filename>, unless the invoker is the superuser, and then any value may be added. An account with a restricted login shell may not change her login shell. For this reason, placing <filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value."
msgid "The <command>chpasswd</command> command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users. Each line is of the format:"
msgid "By default the supplied password must be in clear-text, and is encrypted by <command>chpasswd</command>. Also the password age will be updated, if present."
msgid "The default encryption algorithm can be defined for the system with the ENCRYPT_METHOD variable of <filename>/etc/login.defs</filename>, and can be overwiten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
msgid "The supplied passwords must be in clear-text."
msgstr ""
#: chpasswd.8.xml:92(para)
msgid "PAM is used to update the password in the system database according to the PAM chpasswd configuration."
msgstr ""
#: chpasswd.8.xml:96(para)
msgid "When <command>chpasswd</command> fails to update a password, it continues updating the passwords of the next users, and will return an error code on exit."
msgid "The <command>chgpasswd</command> command reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups. Each line is of the format:"
msgid "The <command>chfn</command> command changes user fullname, office number, office extension, and home phone number information for a user's account. This information is typically printed by <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></citerefentry> and similar programs. A normal user may only change the fields for her own account, subject to the restrictions in <filename>/etc/login.defs</filename>. (The default configuration is to prevent users from changing their fullname.) The superuser may change any field for any account. Additionally, only the superuser may use the <option>-o</option> option to change the undefined portions of the GECOS field."
msgstr ""
#: chfn.1.xml:78(para)
msgid "These fields must not contain any colons. Except for the <emphasis remap=\"I\">other</emphasis> field, they should not contain any comma or equal sign. It is also recommended to avoid non-US-ASCII characters, but this is only enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> field is used to store accounting information used by other applications."
msgstr ""
#: chfn.1.xml:87(para)
msgid "If none of the options are selected, <command>chfn</command> operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of <emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</command> prompts for the current user account."
msgid "The <command>chage</command> command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password."
msgstr ""
#: chage.1.xml:66(para)
msgid "The options which apply to the <command>chage</command> command are:"
msgid "Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area)."
msgid "Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again."
msgstr ""
#: chage.1.xml:95(para)
msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as the <replaceable>EXPIRE_DATE</replaceable> will remove an account expiration date."
msgid "Set the number of days of inactivity after a password has expired before the account is locked. The <replaceable>INACTIVE</replaceable> option is the number of days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again."
msgstr ""
#: chage.1.xml:120(para)
msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as the <replaceable>INACTIVE</replaceable> will remove an account's inactivity."
msgid "Set the maximum number of days during which a password is valid. When <replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> is less than the current day, the user will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by use of the <option>-W</option> option, which provides the user with advance warning."
msgstr ""
#: chage.1.xml:163(para)
msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as <replaceable>MAX_DAYS</replaceable> will remove checking a password's validity."
msgid "Set the number of days of warning before a password change is required. The <replaceable>WARN_DAYS</replaceable> option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire."
msgstr ""
#: chage.1.xml:184(para)
msgid "If none of the options are selected, <command>chage</command> operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of <emphasis>[ ]</emphasis> marks."
msgstr ""
#: chage.1.xml:194(para)
msgid "The <command>chage</command> program requires a shadow password file to be available."
msgstr ""
#: chage.1.xml:198(para)
msgid "The <command>chage</command> command is restricted to the root user, except for the <option>-l</option> option, which may be used by an unprivileged user to determine when his/her password or account is due to expire."
msgstr ""
#: chage.1.xml:251(replaceable)
msgid "15"
msgstr ""
#: chage.1.xml:253(para)
msgid "can't find the shadow password file"
msgstr ""
#: chage.1.xml:229(para)
msgid "The <command>chage</command> command exits with the following values: <placeholder-1/>"
msgstr ""
#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2.